Unrated severityNVD Advisory· Published Mar 29, 2014· Updated May 6, 2026

CVE-2014-0344

Description

Properties.do in ZOHO ManageEngine OpStor before build 8500 does not properly check privilege levels, which allows remote authenticated users to obtain Admin access by using the name parameter in conjunction with a true value of the edit parameter.

Affected products

Zohocorp/Manageengine Opstor
cpe:2.3:a:zohocorp:manageengine_opstor:*:*:*:*:*:*:*:*
Range: <=8.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/140886nvdThird Party AdvisoryUS Government Resource
www.securityfocus.com/bid/66499nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000